Basic Cryptographic structures

ENCRYPTION

Encryption is a method of storing a piece of text as a different text from its original content. Encrypted data is referred to as "ciphertext," and unencrypted data is referred to as "plaintext." The contemporary name for the field of encryption is cryptography. The word "cryptography" is derived from the Greek word "kryptos," meaning secret or hidden, and it refers to the body of mathematical methods used for securing information.

WHAT IS CRYPTOGRAPHY?

Cryptography serves to store texts in a form that is independent of their actual content, and documents stored in this way are called encrypted documents. The branch that decrypts such encrypted documents is called cryptanalysis. The first encounter with cryptography dates back to Egyptian inscriptions from around 1900 BC, which are the first known cryptographic documents in history.

WHAT IS CRYPTANALYSIS?

Cryptanalysis is a subfield of cryptography that seeks to decipher encrypted documents, also known as ciphertext. It is derived from the Greek words "kryptos," meaning "hidden," and "analýein." Despite the development of cryptanalysis machines such as Bombe and Colossus during World War II, all cryptanalysis machines have worked on the same principles to this day.

HISTORY OF CRYPTOGRAPHY

Cryptography has evolved over the years, passing through various stages, and has reached the present day. Around 1900 BC, an inscription was found in the main chamber of the tomb of the nobleman Khnumhotep II in Egypt. Cryptanalysis machines used during World War II, such as Bombe and Colossus computers, were developed, and many methods were devised, but the fundamental goal has always remained the same: to encrypt texts.

BASIC ENCRYPTION STRUCTURES

Cryptography was not as advanced in the early stages of history, but with the advancement of technology, cryptography has progressed and developed, and we can now use much more complex encryption methods through computers.

BASIC ENCRYPTION STRUCTURES IN THE PRESENT DAY

Encryption is predominantly used to hide and store data in the virtual realm. The Advanced Encryption Standard (AES) was established by the American government for storing electronic data, replacing the Data Encryption Standard (DES). The work on AES began on November 26, 2001, and it took five years to standardize. The algorithm standardized as AES is based on the Rijndael algorithm developed by Vincent Rijmen and Joan Daemen, with some modifications.

Encryption operations consist of two parts: encryption and decryption. The encryption process converts a piece of text into another text that is independent of its content; this is done with the encryption key. The decryption process is performed with the decryption key.

In cryptography, we have specific encryption algorithms that we categorize according to the types of keys: symmetric, asymmetric, and hybrid encryption algorithms. The keys we use must be kept secret from others and should only be known among the parties performing the encryption.

1. SYMMETRIC ENCRYPTION STRUCTURES

Symmetric algorithms are encryption systems based on the use of a single key for encrypting texts. Over the past decade, many government and daily computer systems have used symmetric encryption methods to ensure data security.

The most important feature of symmetric encryption structures is their speed. Compared to other encryption types, symmetric algorithms have simpler structures and are easier to implement in electronic devices. Symmetric encryption algorithms have a short key length, resulting in a lower number of bits.

Texts encrypted with symmetric algorithms are based on a single key, and they are suitable for use by two or more users. The main purpose of encryption is to obtain the ciphertext by passing the plaintext through an algorithm. The same key is used to encrypt and decrypt the plaintext, and the only way to read that information is to use the key. For texts encrypted with symmetric algorithms, guessing the plaintext that corresponds to the ciphertext by brute force becomes very difficult. For example, guessing a 128-bit key with an ordinary computer would take billions of years. The longer the key, the harder it is to break. 256-bit keys are generally considered very secure and theoretically resistant to brute force attacks by quantum computers.

The most common encryption systems in use today are based on block and stream ciphers. "Block ciphers encrypt data in predetermined-sized blocks and use a corresponding key and encryption algorithm (e.g., 128-bit plaintext is encrypted to 128-bit ciphertext in 128-bit blocks). On the other hand, stream ciphers encrypt plaintext data in 1-bit increments (One bit of plaintext is encrypted to one bit of ciphertext at a time)." https://academy.binance.com/tr/articles/what-is-symmetric-keycryptography

The advantages of symmetric structures include:

  • Fast algorithms
  • Can be used with hardware
  • Provides "confidentiality" security service
  • The key length is short, and therefore, the bit count is much lower.

The disadvantages of symmetric structures include:

  • Difficulty in secure key distribution
  • Capacity issues
  • Difficulty in performing authentication and integrity services.

1.1 Symmetric Algorithms

Symmetric encryption algorithms are divided into two categories:

  a. Block Encryption
  b. Stream (Flow) Encryption

The symmetric encryption algorithms are as follows:

  1. Advanced Encryption Standard (AES)
  2. Data Encryption Standard (DES)
  3. Triple DES (3DES)
  4. International Data Encryption Algorithm (IDEA)
  5. Blowfish
  6. Twofish
  7. IRON
  8. RC4
  9. Message-Digest Algorithm 5 (MD5)
  10. Secure Hash Algorithm (SHA)

2. ASYMMETRIC ENCRYPTION STRUCTURES

In 1976, the Stanford University researchers Diffie and Hellman developed a system of encryption based on two different keys. It was developed to solve the key distribution problem in symmetric encryption techniques.

In asymmetric encryption structures, the public key is known to everyone, but the private key is not. The private key is used to encrypt the public key, but the public key cannot be used to find the private key. Information encrypted with the private key can be decrypted using the corresponding public key. The use of very large prime numbers is common in asymmetric encryption algorithms.

2.2 TYPES OF ASYMMETRIC ENCRYPTION ALGORITHMS

Asymmetric encryption algorithms consist of three parts: Public Key Distribution Scheme, Signature Scheme, and Public Key Scheme.

The Public Key Distribution Scheme is designed to securely modify a portion of the text and is also used as a session key.

The Signature Scheme is used only to generate digital signatures, where the private key generates the signature, and the public key verifies the signature.

The Public Key Scheme is used for encryption.

2.3 ADVANTAGES OF ASYMMETRIC ENCRYPTION ALGORITHMS

  • Breaking asymmetric encryption is more difficult than symmetric encryption.
  • This method does not require the mutual transfer of private keys, thus solving the key distribution problem in symmetric encryption.
  • Since the public keys need to be known by those who want to send encrypted messages, these keys are easily distributed over the internet.
  • New methods, such as non-repudiation using two keys, have been developed.

2.4 DISADVANTAGES OF ASYMMETRIC ENCRYPTION ALGORITHMS

  • Consumes a lot of CPU time in decrypting data using keys.
  • This time increases exponentially with the length of the message.

Asymmetric encryption algorithms include the following:

  1. Diffie-Hellman
  2. RSA (Ronald L. Rivest, Adi Shamir, and Leonard Adleman)
  3. DSA (Digital Signature Algorithm)
  4. Elliptic Curve Algorithm (ECC)

In addition to these, asymmetric encryption structures are quite slow due to the algorithms they use, thereby using a lot of the computer's processing power.

3. HYBRID ENCRYPTION ALGORITHMS

These encryption systems, created by combining symmetric and asymmetric encryption algorithms, are secure and fast systems. Such systems are classified under the heading of hybrid systems. In them, the asymmetric encryption techniques are generally used to establish the encryption keys, while the symmetric encryption structures carry out the mass data operations and maintain their integrity.

3.1 Block Encryption Algorithms

In this type of encryption, data is processed in blocks. The data is encrypted with the symmetric key using fixed bit lengths called blocks. It does not have internal memory, so it is called memory-less encryption. It is used in applications requiring integrity checks.

Some factors that determine the power of block ciphers are as follows:

  • Key: The length of the key we use is crucial. The longer our key, the more resistant it is to brute force attacks.
  • Number of rounds (loops): The number of rounds in block encryption should be chosen carefully; it is also a very important factor in increasing the complexity of the cipher.
  • S-Boxes: They are the only nonlinear elements of block ciphers, and the proper selection of an S-Box directly affects the difficulty of the cipher.

3.2 AES (Advanced Encryption Standard) Algorithm

It was standardized in 2002 under the name Rijndael. AES encrypts fixed blocks of length 128 bits with encryption keys of 128, 192, and 256 bits. For a 128-bit key, encryption is performed in 10 cycles, while for 192 and 256-bit keys, it is performed in 12 and 14 cycles, respectively.

3.2.1 AES Loop Structure

The general structure of the algorithm consists of a 128-bit input, a 128-bit output, and 128-bit matrices. The 4x4 matrix (4 rows, 4 columns) consists of 16 cells. This matrix is called the "state." Each cell of the state holds one byte of data, so each row forms a 32-bit word.
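As an added illustration of the S-box and state-matrix points above (example code, not from the article), the following Python derives the AES S-box from its FIPS 197 definition, loads a 16-byte block into the 4x4 state and applies SubBytes; the function names are this example's own.

```python
# Added example (not from the original article): derive the AES S-box from its
# FIPS 197 definition and apply SubBytes to a 4x4 state. Helper names are ours.

def gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p

def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254 (a^255 = 1 for a != 0); inv(0) is 0."""
    result, base, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exp >>= 1
    return result

def sbox_entry(x: int) -> int:
    """S(x) = affine(inverse(x)): XOR of four rotations of the inverse, then 0x63."""
    inv = gf_inv(x)
    s = inv
    for i in range(1, 5):
        s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
    return s ^ 0x63

SBOX = [sbox_entry(x) for x in range(256)]

def to_state(block: bytes) -> list:
    """FIPS 197 fills the state column by column: state[r][c] = block[r + 4*c]."""
    if len(block) != 16:
        raise ValueError("AES state is exactly 16 bytes")
    return [[block[r + 4 * c] for c in range(4)] for r in range(4)]

def sub_bytes(state: list) -> list:
    """SubBytes: the only non-linear step; it replaces each byte via the S-box."""
    return [[SBOX[b] for b in row] for row in state]

def is_nonlinear(a: int, b: int) -> bool:
    """True when S(a ^ b) != S(a) ^ S(b), i.e. the S-box does not respect XOR."""
    return SBOX[a ^ b] != SBOX[a] ^ SBOX[b]
```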

3.3 DES (Data Encryption Standard) Algorithm

It is one of the most widely used symmetric encryption structures in the world, which uses the Feistel encryption method. DES encrypts 64-bit data during processing using a 56-bit key. Due to the short key length, it was quickly broken. Therefore, "Triple-DES" (encrypt-decrypt-encrypt), or "3DES," was developed, which is used in many applications today. "3DES" involves using the DES encryption system three times in succession and is three times slower than the DES encryption system.

3.3.1 Working Principle of the DES Algorithm

The 64-bit data undergoes an initial permutation (IP) process. Afterward, the data is divided into two equal parts, initially denoted as L and R, each comprising 32 bits. These parts are then subjected to a loop of 16 iterations using the F function. At the end of the loops, the left and right halves are swapped, and the inverse of the initial permutation is applied.

3.3.2 Features of the 3DES Encryption Technique

The 3DES algorithm is created by applying the DES algorithm three times in succession. 3DES is considered a more secure variant of DES. It triples the number of bits in the encryption key, resulting in a 112-bit code. It is believed to provide twice as much security compared to DES usage.

3.3.3 Features of the 3DES Encryption Technique

  • It operates bidirectionally, meaning the encrypted data can be decrypted.
  • It is formed by three repetitions of the DES encryption.
  • It is three times slower compared to the DES encryption method.
  • It uses a 24-byte key for encryption, with each byte having a parity bit, making the total key length 168 bits.
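The DES skeleton described in 3.3.1 and the encrypt-decrypt-encrypt composition of 3DES, as an added Python example that is not from the article: a toy Feistel network whose byte permutation, key schedule and round function are constructed stand-ins (not DES's own), showing that decryption reuses the same network with reversed subkeys and that EDE with three equal keys collapses to a single encryption.

```python
# Added example (not from the article): a toy Feistel cipher with the DES skeleton
# (IP, 16 rounds, swap, IP^-1) plus the EDE composition 3DES uses. The byte
# permutation, key schedule and round function are constructed stand-ins.
import hashlib

ROUNDS = 16
IP = [7, 3, 5, 1, 6, 2, 4, 0]                 # toy initial permutation of bytes
IP_INV = [IP.index(i) for i in range(8)]      # its inverse

def permute(block: bytes, table: list) -> bytes:
    return bytes(block[i] for i in table)

def subkeys(key: bytes) -> list:
    """Toy key schedule: one 32-bit subkey per round, derived by hashing."""
    return [int.from_bytes(hashlib.sha256(key + bytes([i])).digest()[:4], "big")
            for i in range(ROUNDS)]

def f(right: int, k: int) -> int:
    """Toy round function. It need not be invertible: Feistel decryption
    recomputes F, it never inverts it."""
    digest = hashlib.sha256((right ^ k).to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def feistel(block: bytes, keys: list) -> bytes:
    """IP -> 16 rounds of (L, R) = (R, L ^ F(R, k_i)) -> swap -> IP^-1."""
    block = permute(block, IP)
    left = int.from_bytes(block[:4], "big")
    right = int.from_bytes(block[4:], "big")
    for k in keys:
        left, right = right, left ^ f(right, k)
    # The final swap is what makes the same network its own inverse.
    return permute(right.to_bytes(4, "big") + left.to_bytes(4, "big"), IP_INV)

def encrypt(block: bytes, key: bytes) -> bytes:
    return feistel(block, subkeys(key))

def decrypt(block: bytes, key: bytes) -> bytes:
    """Same network, subkeys applied in reverse order."""
    return feistel(block, subkeys(key)[::-1])

def ede_encrypt(block: bytes, k1: bytes, k2: bytes, k3: bytes) -> bytes:
    """Encrypt-decrypt-encrypt, the order 3DES uses. With k1 == k2 == k3 the
    middle decryption cancels the first encryption and it degrades to one pass."""
    return encrypt(decrypt(encrypt(block, k1), k2), k3)

def ede_decrypt(block: bytes, k1: bytes, k2: bytes, k3: bytes) -> bytes:
    return decrypt(encrypt(decrypt(block, k3), k2), k1)
```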

Advantages:

  • They operate bidirectionally, allowing data accessibility as needed.
  • They mitigate hardware vulnerabilities in computers (e.g., VPNs, data communication networks).

Disadvantages:

  • Security is entirely dependent on the key; the stronger the key, the better the protection.
  • It operates six times slower compared to AES.

Use Cases:

  • Banking systems.
  • High-security programs.
  • Electronic payment systems (internet transactions).
